Architectural Implications of Cloud Computing

Grace Lewis - SEI Technologies Forum 2011

Transcript

  • 1. Architectural Implications of Cloud Computing
    Grace Lewis
    Research, Technology and Systems Solutions (RTSS) Program
    Lewis is a senior member of the technical staff at the SEI in the Research, Technology, and System Solutions (RTSS) Program. Her current interests and projects are in service-oriented architecture (SOA), cloud computing, and context-aware mobile applications.
    SEI Technologies Forum Twitter #SEIVirtualForum © 2011 Carnegie Mellon University
  • 2. Agenda
    • Basic Cloud Computing Concepts
    • Architectural Implications of Cloud Computing
    • Final Thoughts
  • 3. Cloud Computing
    “A large-scale distributed computing paradigm that is driven by economies of scale, in which a pool of abstracted, virtualized, dynamically-scalable, managed computing power, storage, platforms, and services are delivered on demand to external customers over the Internet.”
    I. Foster, Y. Zhau, R. Ioan, and S. Lu. “Cloud Computing and Grid Computing: 360-Degree Compared.” Grid Computing Environments Workshop, 2008.
    “A model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”
    National Institute of Standards and Technology (NIST), 2011.
  • 4. Cloud Computing Types
    Based on Type of Capability
    • Software-as-a-Service (SaaS)
    • Platform-as-a-Service (PaaS)
    • Infrastructure-as-a-Service (IaaS)
    Based on Who Can Access Resources
    • Public Cloud
    • Private Cloud
  • 5. Infrastructure-as-a-Service (IaaS)
    Mainly computational infrastructure available over the internet, such as compute cycles and storage
    Allows organizations and developers to extend their IT infrastructure on an on-demand basis
    Examples of IaaS Providers
    • Amazon Elastic Compute Cloud (EC2)
      – Provides users a special virtual machine (AMI) that can be deployed and run on the EC2 infrastructure
    • Amazon Simple Storage Solution (S3)
      – Provides users access to dynamically scalable storage resources
    • IBM Computing on Demand (CoD)
      – Provides users access to highly configurable servers plus value-added services such as data storage
    • Microsoft Live Mesh
      – Provides users access to a distributed file system; targeted at individual use
  • 6. Platform-as-a-Service (PaaS)
    Application development platforms that allow the usage of external resources to create and host applications of a larger scale than an individual or small organization would be able to handle
    Examples of PaaS providers
    • Akamai EdgePlatform
      – Large distributed computing platform for web application deployment (focus on analysis and monitoring of resources)
    • Force.com
      – Platform to build and run applications and components bought from AppExchange or custom applications
    • Google App Engine
      – Platform to develop and run applications on Google’s infrastructure
    • Microsoft Azure Services Platform
      – On-demand compute and storage services as well as a development platform based on Windows Azure
    • Yahoo! Open Strategy (Y!OS)
      – Platform to develop and web applications on top of the existing Yahoo! Platform (focus on social applications)
  • 7. Software-as-a-Service (SaaS)
    Model of software deployment in which a third-party provider licenses an application to customers for use as a service on demand
    Examples
    • Google Apps
      – Web-based office tools such as e-mail, calendar and document management tools
    • Salesforce.com
      – Full customer relationship management (CRM) application
    • Zoho
      – Large suite of web-based applications, mostly for enterprise use
  • 8. Cloud Computing Types — Based on Access
    Perspective: Cloud Consumer, Cloud Provider
    Public
    • Offered as a service, usually over an Internet connection
    • Typically charge a pay-per-use fee
    • Users can scale on-demand and do not need to purchase hardware
    • Cloud providers manage the infrastructure and pool resources into capacity required by consumers
    Private
    • Deployed inside the firewall and managed by the user organization
    • User organization owns the software and hardware running in the cloud
    • User organization manages the cloud and provides cloud resources
    • Resources typically not shared outside the organization and full control is retained by the organization
  • 9. Drivers for Cloud Computing Adoption
    • Scalability: Organizations have access to a large amount of resources that scale based on user demand
    • Elasticity: Organizations can request, use, and release as many resources as needed based on changing needs
    • Virtualization: Each user has a single view of the available resources, independently of how they are arranged in terms of physical devices
    • Lower Infrastructure Costs: The pay-per-use model allows an organization to only pay for the resources they need with basically no investment in the physical resources available in the cloud. There are no infrastructure maintenance or upgrade costs
    • Availability: Organizations have the ability for the user to access data and applications from around the globe
    • Collaboration: Organizations are starting to see the cloud as a way to work simultaneously on common data and information
    • Risk Reduction: Organizations can use the cloud to test ideas and concepts before making major investments in technology
    • Reliability: In order to support SLAs (service-level agreements), cloud providers have reliability mechanisms that are much more robust than those that could be cost-effectively provided by a single organization
  • 10. Barriers for Cloud Computing Adoption
    • Security: The key concern is data privacy: organizations do not have control of or know where their data is being stored
    • Interoperability: A universal set of standards and/or interfaces has not yet been defined, resulting in a significant risk of vendor lock-in
    • Resource Control: The amount of control that the organization has over the cloud environment varies greatly
    • Latency: All access to the cloud is done via the internet, introducing latency into every communication between the user and the environment
    • Platform or Language Constraints: Some cloud environments provide support for specific platforms and languages only
    • Legal Issues: There are concerns in the cloud computing community over jurisdiction, data protection, fair information practices, and international data transfer
  • 11. Agenda
    • Basic Cloud Computing Concepts
    • Architectural Implications of Cloud Computing
    • Final Thoughts
  • 12. IaaS: Examples of Architecture and Design Questions
    • What computation is performed in the cloud? A full application? Only certain functionality?
    • How are resource failures detected and communicated? How are SLA commitments maintained and monitored?
    • What communication mechanisms exist between the consumer and the cloud resource?
    • What data is stored in the cloud? Is it synchronized with other sets of data? Are there data privacy concerns?
    • What security mechanisms are provided by the cloud resource?
    Systems residing in the cloud or using resources from the cloud will have to be designed and architected to account for lack of full control over important quality attributes
  • 13. PaaS: Examples of Architecture and Design Questions
    • Will cloud resources always be active? Is a cloud bursting strategy appropriate?
    • Where do external users authenticate?
    • What data is stored in the cloud? Is it possible for the system to run in the cloud and the data to remain local?
    • Are all system elements compatible with the cloud platform? Are adapters necessary?
  • 14. SaaS: Examples of Architecture and Design Questions
    • How does the cloud system fit with the existing infrastructure?
    • What type of client is used to interact with the SaaS resource?
    • What data adapters and transformers are necessary to interoperate with other systems?
    • What additional mechanisms need to be put in place to monitor system performance and usage?
    • Is the SaaS security architecture compatible with the organization’s security architecture?
  • 15. Cloud Consumer Example Decision # 1: Data Model
    Typical decisions of a distributed environment
    • Local vs. Remote
    • Total vs. Partitioned
    • Distributed vs. Centralized
    • Active Replication vs. Passive Replication
    • Data Security Model
    Challenges
    • Data privacy
    • Data synchronization
    • Performance
  • 16. Cloud Consumer Example Decision # 2: User Authentication Model
    Authentication is the mechanism by which consumers and providers prove to one another that they are acting on behalf of specific users or systems
    Typical decisions of a distributed, multi-organizational environment
    • Local vs. Remote Authentication
    • Single Sign-On or Separate Authentication
    • Local or Remote Identity Data
    • Authentication Method
    Challenges
    • Incompatible authentication methods
    • Physical security of identity data
    • Synchronization of identity data
    • Auditing
  • 17. Cloud Consumer Example Decision # 3: Allocation of Functionality
    Decisions depend on the type of cloud implementation
    • What functionality to deploy in the cloud?
    • What functionality has to be implemented in addition to the functionality offered by the cloud provider?
      – Security
      – Management
      – Abstraction layers, e.g. data access, transformations, adapters
  • 18. Cloud Consumer Example Decision # 4: Cloud Bursting
    Refers to a system that is designed for average load, but is capable of load balancing to a cloud when it reaches its full capacity
    Decisions
    • Activation, initialization and de-activation of the cloud resource
    • State and data synchronization
    • Computational elements to determine full capacity
    • Computational elements for monitoring load and usage
  • 19. Cloud Consumer Example Decision # 5: Cloud Resource Management
    Decisions
    • Elements for failure detection and communication
    • Elements for SLA monitoring
    • Logging: where, what and when
  • 20. Cloud Provider Example Decision #1: Multi-Tenancy 1
    Mainly in SaaS implementations, a tenant is an organization that makes use of cloud resources
    Multi-tenancy requires
    • Awareness of tenant context: the capability of recognizing the identity of the tenant requesting the resources based on message information as well as configuration data
    • Data isolation: tenants should only have access to their own data
    • Performance isolation: resource performance should conform to service-level agreements, regardless of the load on the system
  • 21. Cloud Provider Example Decision #1: Multi-Tenancy 2
    [Figure: Option 1, Option 2, Option 3]
    • One option is to have one instance per tenant
    • Another option is to have multiple identical instances that are managed by a load balancer
    • Another option is to have a single instance that uses tenant configuration data to provide tenant context
    • Hybrid options are also possible
  • 22. Cloud Provider Example Decision #2: Virtualization Strategy 1
    Virtualization in general is the abstraction of computing resources, e.g.
    • Network virtualization: division of available bandwidth into channels that can be assigned to a particular resource in real time
    • Storage virtualization: combination of physical storage devices into what appears to be a single storage device, e.g. SAN (storage area network)
    • Server virtualization: hiding of server resources (number and identity of individual physical servers, processors, and operating systems) from server users, e.g. VMs (virtual machines)
    [Figure: Server Virtualization Example, source: news.cnet.com/i/bto/20090528/Virtualization_stack_270x258.jpg]
  • 23. Cloud Provider Example Decision #2: Virtualization Strategy 2
    [Figure: Server Virtualization Example]
    • Requires dedicated machine
    • OS can execute other applications, e.g. custom monitoring applications
    • However, there is a performance penalty
    Main question is “How and when are virtual machines deployed, started, initialized, de-activated, replaced, managed and terminated?”
  • 24. Cloud Provider Example Decision #3: Resource Interfaces 1
    Cloud APIs are not yet standardized, so each cloud provider has its own specific APIs for managing its services
    Currently, most Cloud APIs are SOAP- or REST-based
  • 25. Cloud Provider Example Decision #3: Resource Interfaces 2
    Supported Protocols
    Operations
    • Functionality
    • Configuration
    • Management
    QoS Support
    • Security
    • Usability
    • Configurability
    Sample Amazon EC2 Operations (IaaS)
    • Create Image
    • Stop Instances
    • Create Security Group
    • Monitor Instances
    Sample Google App Engine Operations (PaaS)
    • Upload Application Code
    • Authenticate User
    • Send E-mail
    Sample Zoho.com Operations (SaaS)
    • Set Up Application
    • View Application Usage Data
    • Embed in “X”
  • 26. Agenda
    • Basic Cloud Computing Concepts
    • Architectural Implications of Cloud Computing
    • Final Thoughts
  • 27. Cloud Computing is at the “Peak of Inflated Expectations”
    Source: Gartner, Hype Cycle for Emerging Technologies, 2009
  • 28. The Concept of Private Clouds is Starting to Appear
    Source: Gartner, Hype Cycle for Emerging Technologies, 2010
  • 29. Final Thoughts 1
    Cloud Computing is in essence an economic model
    • It is a different way to acquire and manage IT resources
    There are multiple cloud providers—the cloud is real
    • Currently most cloud consumers are small enterprises
    • Large enterprises are exploring private clouds
    • The number of providers will most probably grow as people start seeing greater savings and improvements to reduce adoption barriers
    Cloud Computing adoption requires cost/benefit/risk analysis to determine
    • What resources to move to the cloud (if any)
    • What situations warrant use of cloud resources, even for one-time situations
    • Implementation of private clouds vs. usage of public clouds
    • What risks are associated with using resources on the cloud
    • What risks are associated with providing resources in the cloud
  • 30. Final Thoughts 2
    Decisions from a cloud consumer perspective depend on
    • Required control level
    • Required security level
    • Compatibility with local infrastructure
    Decisions from a cloud provider perspective depend on
    • Market/user characteristics
    • Established SLAs
    • Available technology
    In general, these are not fully technical decisions
    • Processes — especially engineering practices
    • Governance
    • Cost/Benefit analysis
  • 31. Cloud Provider and Tool References
    • 3tera: http://www.3tera.com/
    • Akamai EdgePlatform: http://www.akamai.com/html/technology/edgeplatform.html
    • Amazon Elastic Compute Cloud (EC2): http://aws.amazon.com/ec2/
    • Amazon Simple Storage Solution (S3): http://aws.amazon.com/s3/
    • Eucalyptus Systems: http://www.eucalyptus.com/
    • Force.com: http://www.salesforce.com/platform/
    • Google App Engine: http://code.google.com/appengine/
    • Google Apps: http://www.google.com/apps/intl/en/business/index.html
    • IBM Computing On Demand: http://www-03.ibm.com/systems/deepcomputing/cod/
    • Microsoft Azure Services Platform: http://www.microsoft.com/azure/
    • Microsoft Live Mesh: http://www.mesh.com/
    • Salesforce.com: http://www.salesforce.com/crm/products.jsp
    • Ubuntu: http://www.ubuntu.com/cloud
    • Yahoo! Open Strategy (Y!OS): http://developer.yahoo.com/yos/intro/
    • Zoho: http://www.zoho.com/
  • 32. Contact Information
    Grace A. Lewis
    Research, Technology and Systems Solutions (RTSS) Program
    Advanced Mobile Systems (AMS) Initiative
    Software Engineering Institute
    4500 Fifth Avenue
    Pittsburgh, PA 15213-2612
    USA
    Phone: +1 412-268-5851
    Email: glewis@sei.cmu.edu
    WWW: http://www.sei.cmu.edu/about/people/glewis.cfm
  • 33. This work was created in the performance of Federal Government Contract Number FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. The Government of the United States has a royalty-free government-purpose license to use, duplicate, or disclose the work, in whole or in part and in any manner, and to have or permit others to do so, for government purposes pursuant to the copyright license under the clause at 252.227-7013.
    This Presentation may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at permission@sei.cmu.edu.
    NO WARRANTY
    THIS MATERIAL OF CARNEGIE MELLON UNIVERSITY AND ITS SOFTWARE ENGINEERING INSTITUTE IS FURNISHED ON AN “AS-IS” BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.
  • 34. As projects continue to grow in scale and complexity, effective collaboration across geographical, cultural, and technical boundaries is increasingly prevalent and essential to system success. SATURN 2012 will explore the theme of “Architecture: Catalyst for Collaboration.”
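
The multi-tenancy requirements on slides 20 and 21 (tenant context derived from message information plus configuration data, data isolation, and the single-instance option) can be sketched as follows. This is an added example, not part of the original presentation; the `X-Api-Key` header, the tenant names, keys, records and the `max_rows` cap are all constructed assumptions.

```python
import hmac
from dataclasses import dataclass

# Constructed tenant configuration data: maps message information (an API
# key carried in a hypothetical X-Api-Key header) to a tenant identity.
TENANT_CONFIG = {
    "acme": {"api_key": "k-acme-constructed", "max_rows": 2},
    "globex": {"api_key": "k-globex-constructed", "max_rows": 10},
}

# Constructed shared store: every row is tagged with its owning tenant.
RECORDS = [
    {"id": 1, "tenant": "acme", "body": "acme invoice"},
    {"id": 2, "tenant": "acme", "body": "acme contract"},
    {"id": 3, "tenant": "globex", "body": "globex payroll"},
    {"id": 4, "tenant": "acme", "body": "acme roadmap"},
]

class TenantError(Exception):
    """Raised for unknown tenants and for rows outside the caller's tenant."""

@dataclass(frozen=True)
class TenantContext:
    tenant_id: str
    max_rows: int  # per-tenant result cap, a crude stand-in for performance isolation

def resolve_tenant(request: dict) -> TenantContext:
    """Tenant context comes from the credential plus configuration data,
    never from a tenant name the client puts in the request body."""
    presented = str(request.get("headers", {}).get("X-Api-Key", "")).encode()
    for tenant_id, cfg in TENANT_CONFIG.items():
        if hmac.compare_digest(presented, cfg["api_key"].encode()):
            return TenantContext(tenant_id, cfg["max_rows"])
    raise TenantError("unknown tenant")

class TenantStore:
    """Data-access layer bound to one tenant; every query is filtered by it."""
    def __init__(self, ctx: TenantContext):
        self._ctx = ctx

    def list_rows(self) -> list:
        own = [r for r in RECORDS if r["tenant"] == self._ctx.tenant_id]
        return own[: self._ctx.max_rows]

    def get(self, record_id: int) -> dict:
        for r in RECORDS:
            if r["id"] == record_id and r["tenant"] == self._ctx.tenant_id:
                return r
        # Same error for "absent" and "another tenant's row": no existence leak.
        raise TenantError("not found")

def handle(request: dict):
    """Request entry point: resolve the tenant first, then touch data."""
    store = TenantStore(resolve_tenant(request))
    if "record_id" in request:
        return store.get(request["record_id"])
    return store.list_rows()
```

Because the store is constructed only from a resolved context, a request that names another tenant in its body or asks for another tenant's record id gets the same "not found" error as a request for a row that does not exist.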